Re: BCC email virus

From: Meritt James (meritt_james@bah.com)
Date: 02/14/02


Date: Thu, 14 Feb 2002 13:17:22 -0500
From: "Meritt James" <meritt_james@bah.com>
To: John Daniele <johnd@tsintel.com>

Right. That is a way they may be run. Don't do that. Not that big a
thing to modify your own configuration.

V/R

Jim

John Daniele wrote:
>
> > Why just don't run emailed executables?
>
> Because for as long as you are running an email client that interprets
> vb/java/lotus/*scripting code, you are at risk. There have been cases
> where executable code is automatically run simply by clicking on the
> message as opposed to running it manually. I've also seen one one case
> where the executable was executed accidently by buggy code implemented
> as a part of the email client's export-attachment function.
>
> ----------------------------------
> John Daniele
> Technical Security & Intelligence
> Toronto, ON
> Voice: (416) 605-2041
> Email: johnd@tsintel.com
> Web: http://www.tsintel.com
> ----------------------------------

-- 
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566